diff --git a/libexec/rc/rc.d/accounting b/libexec/rc/rc.d/accounting index 5c08f18cd2ca..1e0ece84fb15 100755 --- a/libexec/rc/rc.d/accounting +++ b/libexec/rc/rc.d/accounting @@ -76,4 +76,8 @@ accounting_rotate_log() } load_rc_config $name + +# doesn't make sense to run in a svcj: jail can't manipulate accounting +accounting_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/adjkerntz b/libexec/rc/rc.d/adjkerntz index 81ee596369a5..339f8add7201 100755 --- a/libexec/rc/rc.d/adjkerntz +++ b/libexec/rc/rc.d/adjkerntz @@ -14,4 +14,8 @@ start_cmd="adjkerntz -i" stop_cmd=":" load_rc_config $name + +# doesn't make sense to run in a svcj: jail can't modify kerntz +adjkerntz_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/apm b/libexec/rc/rc.d/apm index b2bde4d32d1c..3187f41c3a50 100755 --- a/libexec/rc/rc.d/apm +++ b/libexec/rc/rc.d/apm @@ -43,4 +43,8 @@ apm_status() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +apm_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/apmd b/libexec/rc/rc.d/apmd index 8c6293549dc0..aeb5042342d6 100755 --- a/libexec/rc/rc.d/apmd +++ b/libexec/rc/rc.d/apmd @@ -34,4 +34,8 @@ apmd_prestart() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +apmd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/auditd b/libexec/rc/rc.d/auditd index 90017d88ab85..caea2587a2e9 100755 --- a/libexec/rc/rc.d/auditd +++ b/libexec/rc/rc.d/auditd @@ -32,4 +32,8 @@ auditd_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +auditd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/auditdistd b/libexec/rc/rc.d/auditdistd index e7ae7d64d39d..0814c2a4d2c7 100755 --- a/libexec/rc/rc.d/auditdistd +++ b/libexec/rc/rc.d/auditdistd @@ -17,5 +17,7 @@ command="/usr/sbin/${name}" required_files="/etc/security/${name}.conf" extra_commands="reload" +: ${auditdistd_svcj_options:="net_basic"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/automount b/libexec/rc/rc.d/automount index b01928651ec4..19f367837189 100755 --- a/libexec/rc/rc.d/automount +++ b/libexec/rc/rc.d/automount @@ -28,4 +28,8 @@ automount_stop() } load_rc_config $name + +# mounting shall not be performed in a svcj +automount_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/automountd b/libexec/rc/rc.d/automountd index 4bc6f7d01862..b809e9dfc8ad 100755 --- a/libexec/rc/rc.d/automountd +++ b/libexec/rc/rc.d/automountd @@ -17,4 +17,8 @@ command="/usr/sbin/${name}" required_modules="autofs" load_rc_config $name + +# mounting shall not be performed in a svcj +automountd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/autounmountd b/libexec/rc/rc.d/autounmountd index c939c6d8d011..1d8b3bfa354f 100755 --- a/libexec/rc/rc.d/autounmountd +++ b/libexec/rc/rc.d/autounmountd @@ -16,4 +16,8 @@ pidfile="/var/run/${name}.pid" command="/usr/sbin/${name}" load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +autounmountd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/bgfsck b/libexec/rc/rc.d/bgfsck index 24753f9f561f..dd5c330c3d11 100755 --- a/libexec/rc/rc.d/bgfsck +++ b/libexec/rc/rc.d/bgfsck @@ -46,4 +46,8 @@ bgfsck_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +bgfsck_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/blacklistd b/libexec/rc/rc.d/blacklistd index b58c7c8a76b6..ecbb71e41fca 100755 --- a/libexec/rc/rc.d/blacklistd +++ b/libexec/rc/rc.d/blacklistd @@ -40,5 +40,8 @@ rcvar="blacklistd_enable" command="/usr/sbin/${name}" required_files="/etc/blacklistd.conf" +# no svcj options needed +: ${blacklistd_svcj_options:=""} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/bluetooth b/libexec/rc/rc.d/bluetooth index 679d669a6191..22bd5078034d 100755 --- a/libexec/rc/rc.d/bluetooth +++ b/libexec/rc/rc.d/bluetooth @@ -317,5 +317,8 @@ bluetooth_stop() load_rc_config $name hccontrol="${bluetooth_hccontrol:-/usr/sbin/hccontrol}" +# doesn't make sense to run in a svcj: nojail keyword +bluetooth_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/bootparams b/libexec/rc/rc.d/bootparams index ce0b8a45e672..1d435d4ee480 100755 --- a/libexec/rc/rc.d/bootparams +++ b/libexec/rc/rc.d/bootparams @@ -15,5 +15,7 @@ rcvar="bootparamd_enable" required_files="/etc/bootparams" command="/usr/sbin/${name}" +: ${bootparamd_svcj_options:="net_basic"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/bridge b/libexec/rc/rc.d/bridge index a42d82adacc5..98d9212593e5 100755 --- a/libexec/rc/rc.d/bridge +++ b/libexec/rc/rc.d/bridge @@ -90,4 +90,8 @@ bridge_stop() iflist=$2 load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +bridge_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/bsnmpd b/libexec/rc/rc.d/bsnmpd index 60c7242f0c1f..60f4f5e86617 100755 --- a/libexec/rc/rc.d/bsnmpd +++ b/libexec/rc/rc.d/bsnmpd @@ -13,6 +13,8 @@ desc="Simple and extensible SNMP daemon" rcvar="bsnmpd_enable" command="/usr/sbin/${name}" +: ${bsnmpd_svcj_options:="net_basic"} + load_rc_config $name pidfile="${bsnmpd_pidfile:-/var/run/snmpd.pid}" command_args="-p ${pidfile}" diff --git a/libexec/rc/rc.d/bthidd b/libexec/rc/rc.d/bthidd index ec7da8181ca3..4b230406c4d5 100755 --- a/libexec/rc/rc.d/bthidd +++ b/libexec/rc/rc.d/bthidd @@ -50,4 +50,7 @@ if evdev_enabled; then fi required_files="${config}" +# doesn't make sense to run in a svcj: nojail keyword +bthidd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ccd b/libexec/rc/rc.d/ccd index f7dde1c23f4e..5f2427e4beb0 100755 --- a/libexec/rc/rc.d/ccd +++ b/libexec/rc/rc.d/ccd @@ -21,4 +21,8 @@ ccd_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +ccd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/cfumass b/libexec/rc/rc.d/cfumass index 79c9b0ae63d4..7d1117d7c388 100755 --- a/libexec/rc/rc.d/cfumass +++ b/libexec/rc/rc.d/cfumass @@ -145,4 +145,8 @@ cfumass_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +cfumass_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/cleanvar b/libexec/rc/rc.d/cleanvar index 08e647dde5ae..dce5baa6875b 100755 --- a/libexec/rc/rc.d/cleanvar +++ b/libexec/rc/rc.d/cleanvar @@ -43,4 +43,8 @@ cleanvar_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +cleanvar_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/cleartmp b/libexec/rc/rc.d/cleartmp index 8101474b33cf..c4dfb5367dcb 100755 --- a/libexec/rc/rc.d/cleartmp +++ b/libexec/rc/rc.d/cleartmp @@ -57,4 +57,8 @@ cleartmp_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +cleartmp_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/cron b/libexec/rc/rc.d/cron index a37d3ceee02e..584db590d835 100755 --- a/libexec/rc/rc.d/cron +++ b/libexec/rc/rc.d/cron @@ -16,6 +16,11 @@ command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" load_rc_config $name + +# doesn't make sense to run in a svcj: in the generic case it may need +# access to more than a jails allows +cron_svcj="NO" + if checkyesno cron_dst then cron_flags="$cron_flags -s" diff --git a/libexec/rc/rc.d/ctld b/libexec/rc/rc.d/ctld index f09c032575d9..c91d7a9be921 100755 --- a/libexec/rc/rc.d/ctld +++ b/libexec/rc/rc.d/ctld @@ -19,4 +19,8 @@ required_modules="ctl" extra_commands="reload" load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +ctld_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ddb b/libexec/rc/rc.d/ddb index 40235bebf90e..08a7d345c326 100755 --- a/libexec/rc/rc.d/ddb +++ b/libexec/rc/rc.d/ddb @@ -35,4 +35,7 @@ load_rc_config $name required_files="${ddb_config}" command_args="${ddb_config}" +# doesn't make sense to run in a svcj: privileged operation +ddb_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/defaultroute b/libexec/rc/rc.d/defaultroute index d8d6b2e97dcd..b96f91d36118 100755 --- a/libexec/rc/rc.d/defaultroute +++ b/libexec/rc/rc.d/defaultroute @@ -70,4 +70,8 @@ defaultroute_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +defaultroute_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/devd b/libexec/rc/rc.d/devd index 43fb9d5928dd..47326662339c 100755 --- a/libexec/rc/rc.d/devd +++ b/libexec/rc/rc.d/devd @@ -38,4 +38,8 @@ devd_prestart() } load_rc_config $name + +# doesn't make sense to run in a svcj: executing potential privileged operations +devd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/devfs b/libexec/rc/rc.d/devfs index b7835bd561ce..9987d35f6ad3 100755 --- a/libexec/rc/rc.d/devfs +++ b/libexec/rc/rc.d/devfs @@ -68,4 +68,8 @@ read_devfs_conf() } load_rc_config $name + +# doesn't make sense to run in a svcj: may need more permissions +devfs_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/devmatch b/libexec/rc/rc.d/devmatch index 67bb14761614..21846355fcfe 100755 --- a/libexec/rc/rc.d/devmatch +++ b/libexec/rc/rc.d/devmatch @@ -78,4 +78,8 @@ devmatch_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: privileged operations +devmatch_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/dhclient b/libexec/rc/rc.d/dhclient index e2f204076eb6..78442da29193 100755 --- a/libexec/rc/rc.d/dhclient +++ b/libexec/rc/rc.d/dhclient @@ -59,6 +59,9 @@ dhclient_prestart() load_rc_config $name load_rc_config network +# dhclient_prestart is not compatible with svcj +dhclient_svcj="NO" + if [ -z $ifn ] ; then # only complain if a command was specified but no interface if [ -n "$1" ] ; then diff --git a/libexec/rc/rc.d/dmesg b/libexec/rc/rc.d/dmesg index ed36ec17b419..51e35d5d4e80 100755 --- a/libexec/rc/rc.d/dmesg +++ b/libexec/rc/rc.d/dmesg @@ -23,4 +23,8 @@ do_dmesg() } load_rc_config $name + +# doesn't make sense to run in a svcj +dmesg_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/dnctl b/libexec/rc/rc.d/dnctl index 7e65b899bd01..9067d278088e 100644 --- a/libexec/rc/rc.d/dnctl +++ b/libexec/rc/rc.d/dnctl @@ -16,6 +16,9 @@ start_cmd="${name}_start" required_files="$dnctl_rules" required_modules="dummynet" +# doesn't make sense to run in a svcj: config setting +dnctl_svcj="NO" + dnctl_start() { startmsg -n "Enabling ${name}" diff --git a/libexec/rc/rc.d/dumpon b/libexec/rc/rc.d/dumpon index a6748711b796..0dfcdb266b20 100755 --- a/libexec/rc/rc.d/dumpon +++ b/libexec/rc/rc.d/dumpon @@ -97,4 +97,8 @@ dumpon_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +dumpon_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/fsck b/libexec/rc/rc.d/fsck index 359733d8484c..e755f055dbe6 100755 --- a/libexec/rc/rc.d/fsck +++ b/libexec/rc/rc.d/fsck @@ -91,4 +91,8 @@ fsck_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +fsck_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ftp-proxy b/libexec/rc/rc.d/ftp-proxy index 250088d6bb35..c77dd36cd60b 100755 --- a/libexec/rc/rc.d/ftp-proxy +++ b/libexec/rc/rc.d/ftp-proxy @@ -13,6 +13,8 @@ desc="Internet File Transfer Protocol proxy daemon" rcvar="ftpproxy_enable" command="/usr/sbin/ftp-proxy" +: ${ftpproxy_svcj_options:="net_basic"} + load_rc_config $name # diff --git a/libexec/rc/rc.d/ftpd b/libexec/rc/rc.d/ftpd index 9bb9a722a2af..e25a561a520a 100755 --- a/libexec/rc/rc.d/ftpd +++ b/libexec/rc/rc.d/ftpd @@ -13,13 +13,11 @@ desc="Internet File Transfer Protocol daemon" rcvar="ftpd_enable" command="/usr/libexec/${name}" pidfile="/var/run/${name}.pid" -start_precmd=ftpd_prestart -ftpd_prestart() -{ - rc_flags="-D ${rc_flags}" - return 0 -} +: ${ftpd_svcj_options:="net_basic"} load_rc_config $name + +flags="-D ${flags} ${rc_flags}" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/geli b/libexec/rc/rc.d/geli index 16d24efd1e39..5fc5ded54ec3 100755 --- a/libexec/rc/rc.d/geli +++ b/libexec/rc/rc.d/geli @@ -121,4 +121,8 @@ geli_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +geli_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/geli2 b/libexec/rc/rc.d/geli2 index 16248d32ece8..cedd48a312ee 100755 --- a/libexec/rc/rc.d/geli2 +++ b/libexec/rc/rc.d/geli2 @@ -55,4 +55,8 @@ geli2_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +geli2_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ggated b/libexec/rc/rc.d/ggated index 22bc8beb7ca0..846019acb055 100755 --- a/libexec/rc/rc.d/ggated +++ b/libexec/rc/rc.d/ggated @@ -14,6 +14,9 @@ pidfile="/var/run/${name}.pid" load_rc_config $name required_files="${ggated_config}" +# XXX?: doesn't make sense to run in a svcj: low-level access +ggated_svcj="NO" + command_args="${ggated_config}" run_rc_command "$1" diff --git a/libexec/rc/rc.d/gptboot b/libexec/rc/rc.d/gptboot index 3f04143e79ec..188f1bb77557 100755 --- a/libexec/rc/rc.d/gptboot +++ b/libexec/rc/rc.d/gptboot @@ -73,4 +73,8 @@ gptboot_report() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +gptboot_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/growfs b/libexec/rc/rc.d/growfs index d16951b4bc3e..86bf199a8611 100755 --- a/libexec/rc/rc.d/growfs +++ b/libexec/rc/rc.d/growfs @@ -306,4 +306,8 @@ growfs_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +growfs_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/growfs_fstab b/libexec/rc/rc.d/growfs_fstab index a9d18c1eaed3..8b7cea3a63e5 100755 --- a/libexec/rc/rc.d/growfs_fstab +++ b/libexec/rc/rc.d/growfs_fstab @@ -58,4 +58,8 @@ growfs_fstab_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +growfs_fstab_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/gssd b/libexec/rc/rc.d/gssd index fa0edcead140..7ab3c181eeb1 100755 --- a/libexec/rc/rc.d/gssd +++ b/libexec/rc/rc.d/gssd @@ -13,5 +13,7 @@ name=gssd desc="Generic Security Services Daemon" rcvar=gssd_enable +: ${gssd_svcj_options:="net_basic nfsd"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/hastd b/libexec/rc/rc.d/hastd index 8c1d9e8bc16a..37df43d26c7d 100755 --- a/libexec/rc/rc.d/hastd +++ b/libexec/rc/rc.d/hastd @@ -26,4 +26,8 @@ hastd_stop_precmd() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +hastd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/hcsecd b/libexec/rc/rc.d/hcsecd index 542305040357..8827e53777f3 100755 --- a/libexec/rc/rc.d/hcsecd +++ b/libexec/rc/rc.d/hcsecd @@ -21,4 +21,7 @@ config="${hcsecd_config:-/etc/bluetooth/${name}.conf}" command_args="-f ${config}" required_files="${config}" +# doesn't make sense to run in a svcj: nojail keyword +hcsecd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/hostapd b/libexec/rc/rc.d/hostapd index fe3dac1dea06..251df91a280b 100755 --- a/libexec/rc/rc.d/hostapd +++ b/libexec/rc/rc.d/hostapd @@ -38,4 +38,8 @@ required_modules="wlan_xauth wlan_wep wlan_tkip wlan_ccmp" extra_commands="reload" load_rc_config ${name} + +# doesn't make sense to run in a svcj: nojail keyword +hostapd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/hostid b/libexec/rc/rc.d/hostid index 0210ca433501..18d0fbabf6e4 100755 --- a/libexec/rc/rc.d/hostid +++ b/libexec/rc/rc.d/hostid @@ -156,4 +156,8 @@ hostid_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +hostid_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/hostid_save b/libexec/rc/rc.d/hostid_save index af7f4138a5dd..b9727d24bc57 100755 --- a/libexec/rc/rc.d/hostid_save +++ b/libexec/rc/rc.d/hostid_save @@ -44,4 +44,8 @@ hostid_save() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +hostid_save_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/hostname b/libexec/rc/rc.d/hostname index f6ac95c9c888..8b26c4f60633 100755 --- a/libexec/rc/rc.d/hostname +++ b/libexec/rc/rc.d/hostname @@ -77,4 +77,8 @@ hostname_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +hostname_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/inetd b/libexec/rc/rc.d/inetd index 9820f8dc319a..81cc18d95be2 100755 --- a/libexec/rc/rc.d/inetd +++ b/libexec/rc/rc.d/inetd @@ -16,5 +16,7 @@ pidfile="/var/run/${name}.pid" required_files="/etc/${name}.conf" extra_commands="reload" +: ${inetd_svcj_options:="net_basic"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/iovctl b/libexec/rc/rc.d/iovctl index 01e16221cc4a..b2404f5665b1 100755 --- a/libexec/rc/rc.d/iovctl +++ b/libexec/rc/rc.d/iovctl @@ -35,4 +35,8 @@ iovctl_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +iovctl_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ip6addrctl b/libexec/rc/rc.d/ip6addrctl index 50d9408d0731..eac1d2729e78 100755 --- a/libexec/rc/rc.d/ip6addrctl +++ b/libexec/rc/rc.d/ip6addrctl @@ -120,4 +120,8 @@ ip6addrctl_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +ipv6addrctl_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ipfilter b/libexec/rc/rc.d/ipfilter index e951bc9b7878..d0cb09ab527c 100755 --- a/libexec/rc/rc.d/ipfilter +++ b/libexec/rc/rc.d/ipfilter @@ -15,6 +15,9 @@ rcvar="ipfilter_enable" load_rc_config $name stop_precmd="test -f ${ipfilter_rules}" +# doesn't make sense to run in a svcj: config setting +ipfilter_svcj="NO" + start_precmd="$stop_precmd" start_cmd="ipfilter_start" stop_cmd="ipfilter_stop" diff --git a/libexec/rc/rc.d/ipfs b/libexec/rc/rc.d/ipfs index c51527bde43c..2ec4ad3b1d00 100755 --- a/libexec/rc/rc.d/ipfs +++ b/libexec/rc/rc.d/ipfs @@ -49,4 +49,8 @@ ipfs_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +ipfs_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ipfw b/libexec/rc/rc.d/ipfw index 2f6b20a41b1a..6d6f7577828f 100755 --- a/libexec/rc/rc.d/ipfw +++ b/libexec/rc/rc.d/ipfw @@ -163,4 +163,7 @@ ipfw_status() load_rc_config $name firewall_coscripts="/etc/rc.d/natd ${firewall_coscripts}" +# doesn't make sense to run in a svcj: config setting +ipfw_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/ipfw_netflow b/libexec/rc/rc.d/ipfw_netflow index 219f0a4facf6..129488ce60d0 100755 --- a/libexec/rc/rc.d/ipfw_netflow +++ b/libexec/rc/rc.d/ipfw_netflow @@ -73,4 +73,7 @@ ipfw_netflow_stop() load_rc_config $name +# doesn't make sense to run in a svcj: config setting +ipfw_netflow_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/ipmon b/libexec/rc/rc.d/ipmon index a6449f241b87..3ef0c895ad16 100755 --- a/libexec/rc/rc.d/ipmon +++ b/libexec/rc/rc.d/ipmon @@ -15,6 +15,9 @@ rcvar="ipmon_enable" command="/sbin/${name}" start_precmd="ipmon_precmd" +# no svcj options needed +: ${ipmon_svcj_options:=""} + ipmon_precmd() { # Continue only if ipfilter or ipnat is enabled and the diff --git a/libexec/rc/rc.d/ipnat b/libexec/rc/rc.d/ipnat index 88cf368876d7..56fe443686b1 100755 --- a/libexec/rc/rc.d/ipnat +++ b/libexec/rc/rc.d/ipnat @@ -18,6 +18,9 @@ extra_commands="reload" required_files="${ipnat_rules}" required_modules="ipl:ipfilter" +# doesn't make sense to run in a svcj: config setting +ipnat_svcj="NO" + ipnat_start() { echo "Installing NAT rules." diff --git a/libexec/rc/rc.d/ippool b/libexec/rc/rc.d/ippool index 42cef3faf7eb..0db8bbe98f61 100755 --- a/libexec/rc/rc.d/ippool +++ b/libexec/rc/rc.d/ippool @@ -13,6 +13,10 @@ name="ippool" desc="user interface to the IPFilter pools" rcvar="ippool_enable" load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +ippool_svcj="NO" + start_precmd="ippool_start_precmd" stop_cmd="${ippool_program} -F" reload_cmd="ippool_reload" diff --git a/libexec/rc/rc.d/ipropd_master b/libexec/rc/rc.d/ipropd_master index 9f8e1ee14490..a3ca498afe6c 100755 --- a/libexec/rc/rc.d/ipropd_master +++ b/libexec/rc/rc.d/ipropd_master @@ -14,6 +14,8 @@ required_files="$ipropd_master_keytab" start_precmd=${name}_start_precmd start_postcmd=${name}_start_postcmd +: ${ipropd_master_svcj_options:="net_basic"} + ipropd_master_start_precmd() { @@ -24,10 +26,6 @@ ipropd_master_start_precmd() for _slave in $ipropd_master_slaves; do echo $_slave done > /var/heimdal/slaves || return 1 - command_args="$command_args \ - --keytab=\"$ipropd_master_keytab\" \ - --detach \ - " } ipropd_master_start_postcmd() { @@ -36,4 +34,10 @@ ipropd_master_start_postcmd() } load_rc_config $name + +command_args="$command_args \ + --keytab=\"$ipropd_master_keytab\" \ + --detach \ +" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ipropd_slave b/libexec/rc/rc.d/ipropd_slave index 9d4b06f0e8f3..1735cff3de86 100755 --- a/libexec/rc/rc.d/ipropd_slave +++ b/libexec/rc/rc.d/ipropd_slave @@ -13,6 +13,8 @@ rcvar=${name}_enable required_files="$ipropd_slave_keytab" start_precmd=${name}_start_precmd +: ${ipropd_slave_svcj_options:="net_basic"} + ipropd_slave_start_precmd() { @@ -20,12 +22,14 @@ ipropd_slave_start_precmd() warn "\$ipropd_slave_master is empty." return 1 fi - command_args=" \ - $command_args \ - --keytab=\"$ipropd_slave_keytab\" \ - --detach \ - $ipropd_slave_master" } load_rc_config $name + +command_args=" \ + command_args \ + --keytab=\"$ipropd_slave_keytab\" \ + --detach \ + $ipropd_slave_master" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ipsec b/libexec/rc/rc.d/ipsec index 1e9d65f6699e..0e7ad213ce67 100755 --- a/libexec/rc/rc.d/ipsec +++ b/libexec/rc/rc.d/ipsec @@ -57,4 +57,8 @@ ipsec_reload() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +ipsec_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/iscsictl b/libexec/rc/rc.d/iscsictl index d2231958c6cb..247954e0d4f1 100755 --- a/libexec/rc/rc.d/iscsictl +++ b/libexec/rc/rc.d/iscsictl @@ -17,4 +17,8 @@ command_args="${iscsictl_flags}" required_modules="iscsi" load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +iscsictl_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/iscsid b/libexec/rc/rc.d/iscsid index 277b6f5a8c7e..e2418e8baaa1 100755 --- a/libexec/rc/rc.d/iscsid +++ b/libexec/rc/rc.d/iscsid @@ -17,4 +17,8 @@ command="/usr/sbin/${name}" required_modules="iscsi" load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +iscsid_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/jail b/libexec/rc/rc.d/jail index e24d6f8e21e0..f059363e1e8d 100755 --- a/libexec/rc/rc.d/jail +++ b/libexec/rc/rc.d/jail @@ -605,6 +605,10 @@ jail_warn() } load_rc_config $name + +# doesn't make sense to run in a svcj +jail_svcj="NO" + case $# in 1) run_rc_command $@ ${jail_list:-_ALL} ;; *) jail_reverse_stop="no" diff --git a/libexec/rc/rc.d/kadmind b/libexec/rc/rc.d/kadmind index 140ece811f66..0cee49630480 100755 --- a/libexec/rc/rc.d/kadmind +++ b/libexec/rc/rc.d/kadmind @@ -12,17 +12,13 @@ name=kadmind desc="Server for administrative access to Kerberos database" rcvar=${name}_enable required_vars=kdc_enable -start_precmd=${name}_start_precmd +command_args="$command_args &" + +: ${kadmind_svcj_options:="net_basic"} set_rcvar_obsolete kadmind5_server_enable kadmind_enable set_rcvar_obsolete kadmind5_server kadmind_program set_rcvar_obsolete kerberos5_server_enable kdc_enable -kadmind_start_precmd() -{ - - command_args="$command_args &" -} - load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/kdc b/libexec/rc/rc.d/kdc index a2d9f87f8e20..621129b20164 100755 --- a/libexec/rc/rc.d/kdc +++ b/libexec/rc/rc.d/kdc @@ -14,6 +14,7 @@ desc="Kerberos 5 server" rcvar=${name}_enable : ${kdc_restart:="NO"} : ${kdc_restart_delay:=""} +: ${kdc_svcj_options:="net_basic"} set_rcvar_obsolete kerberos5_server_enable kdc_enable set_rcvar_obsolete kerberos5_server kdc_program diff --git a/libexec/rc/rc.d/keyserv b/libexec/rc/rc.d/keyserv index b51d01cfceee..d78695eb33b2 100755 --- a/libexec/rc/rc.d/keyserv +++ b/libexec/rc/rc.d/keyserv @@ -17,6 +17,8 @@ rcvar="keyserv_enable" command="/usr/sbin/${name}" start_precmd="keyserv_prestart" +: ${keyserv_svcj_options:="net_basic"} + keyserv_prestart() { force_depend rpcbind || return 1 diff --git a/libexec/rc/rc.d/kfd b/libexec/rc/rc.d/kfd index 0d124e14033f..23ad790abab5 100755 --- a/libexec/rc/rc.d/kfd +++ b/libexec/rc/rc.d/kfd @@ -11,13 +11,9 @@ name=kfd desc="Receive forwarded tickets" rcvar=${name}_enable -start_precmd=${name}_start_precmd +command_args="$command_args -i &" -kfd_start_precmd() -{ - - command_args="$command_args -i &" -} +: ${kfd_svcj_options:="net_basic"} load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/kld b/libexec/rc/rc.d/kld index 510884a117d0..d9c45a05f7a6 100755 --- a/libexec/rc/rc.d/kld +++ b/libexec/rc/rc.d/kld @@ -51,4 +51,8 @@ kld_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +kld_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/kldxref b/libexec/rc/rc.d/kldxref index d2b733eddce3..d6aa02d778d9 100755 --- a/libexec/rc/rc.d/kldxref +++ b/libexec/rc/rc.d/kldxref @@ -33,4 +33,8 @@ kldxref_start() { } load_rc_config $name + +# doesn't make sense to run in a svcj +kldxref_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/kpasswdd b/libexec/rc/rc.d/kpasswdd index 2d3449bf52a6..7e2562769640 100755 --- a/libexec/rc/rc.d/kpasswdd +++ b/libexec/rc/rc.d/kpasswdd @@ -12,17 +12,13 @@ name=kpasswdd desc="Kerberos 5 password changing" rcvar=${name}_enable required_vars=kdc_enable -start_precmd=${name}_start_precmd +command_args="$command_args &" + +: ${kpasswdd_svcj_options:="net_basic"} set_rcvar_obsolete kpasswdd_server_enable kpasswdd_enable set_rcvar_obsolete kpasswdd_server kpasswdd_program set_rcvar_obsolete kerberos5_server_enable kdc_enable -kpasswdd_start_precmd() -{ - - command_args="$command_args &" -} - load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/ldconfig b/libexec/rc/rc.d/ldconfig index fd54b2d3444e..494228e96501 100755 --- a/libexec/rc/rc.d/ldconfig +++ b/libexec/rc/rc.d/ldconfig @@ -72,4 +72,8 @@ ldconfig_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +ldconfig_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/linux b/libexec/rc/rc.d/linux index 1c6a97f606fe..d419920acaca 100755 --- a/libexec/rc/rc.d/linux +++ b/libexec/rc/rc.d/linux @@ -81,4 +81,8 @@ linux_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: kernel modules and FS-mounting +linux_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/local b/libexec/rc/rc.d/local index 6ac99c4b7e3c..c3f5e037563e 100755 --- a/libexec/rc/rc.d/local +++ b/libexec/rc/rc.d/local @@ -33,4 +33,8 @@ local_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: it may contain everything +local_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/local_unbound b/libexec/rc/rc.d/local_unbound index 4a717dad70fd..94f01810b303 100755 --- a/libexec/rc/rc.d/local_unbound +++ b/libexec/rc/rc.d/local_unbound @@ -35,6 +35,7 @@ load_rc_config $name : ${local_unbound_tls:=} : ${local_unbound_pidfile:=${pidfile}} pidfile=${local_unbound_pidfile} +: ${local_unbound_svcj_options:="net_basic"} do_as_unbound() { diff --git a/libexec/rc/rc.d/localpkg b/libexec/rc/rc.d/localpkg index ca5fc3e1109b..12fb9e0fd927 100755 --- a/libexec/rc/rc.d/localpkg +++ b/libexec/rc/rc.d/localpkg @@ -66,6 +66,8 @@ pkg_stop() (set -T trap 'exit 1' 2 ${script} stop) + elif [ -f "${script}" -o -L "${script}" ]; then + echo -n " (skipping ${script##*/}, not executable)" fi done [ -n "${initdone}" ] && echo '.' @@ -74,4 +76,8 @@ pkg_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: other rc.d scripts need to decide on their own +localpkg_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/lockd b/libexec/rc/rc.d/lockd index c35dd0975cfe..9c804751031a 100755 --- a/libexec/rc/rc.d/lockd +++ b/libexec/rc/rc.d/lockd @@ -16,6 +16,8 @@ rcvar=rpc_lockd_enable command="/usr/sbin/rpc.${name}" start_precmd='lockd_precmd' +: ${lockd_svcj_options:="net_basic"} + # Make sure that we are either an NFS client or server, and that we get # the correct flags from rc.conf(5). # @@ -23,9 +25,10 @@ lockd_precmd() { force_depend rpcbind || return 1 force_depend statd rpc_statd || return 1 - - rc_flags=${rpc_lockd_flags} } load_rc_config $name + +rc_flags=${rpc_lockd_flags} + run_rc_command $1 diff --git a/libexec/rc/rc.d/lpd b/libexec/rc/rc.d/lpd index 428b33f7c9fd..0c169bef99a5 100755 --- a/libexec/rc/rc.d/lpd +++ b/libexec/rc/rc.d/lpd @@ -16,6 +16,8 @@ command="/usr/sbin/${name}" required_files="/etc/printcap" start_precmd="chkprintcap" +: ${lpd_svcj_options:="net_basic"} + chkprintcap() { if checkyesno chkprintcap_enable ; then diff --git a/libexec/rc/rc.d/mdconfig b/libexec/rc/rc.d/mdconfig index 2322cdc55fc2..4df14017334b 100755 --- a/libexec/rc/rc.d/mdconfig +++ b/libexec/rc/rc.d/mdconfig @@ -181,6 +181,9 @@ fi load_rc_config $name +# doesn't make sense to run in a svcj: config setting +mdconfig_svcj="NO" + if [ -z "${_mdconfig_list}" ]; then for _mdconfig_config in `list_vars mdconfig_md[0-9]\* | sort_lite -nk1.12` diff --git a/libexec/rc/rc.d/mdconfig2 b/libexec/rc/rc.d/mdconfig2 index 2f958611f7de..716e71cd2a32 100755 --- a/libexec/rc/rc.d/mdconfig2 +++ b/libexec/rc/rc.d/mdconfig2 @@ -211,6 +211,9 @@ fi load_rc_config $name +# doesn't make sense to run in a svcj: config setting +mdconfig2_svcj="NO" + if [ -z "${_mdconfig2_list}" ]; then for _mdconfig2_config in `list_vars mdconfig_md[0-9]\* | sort_lite -nk1.12` diff --git a/libexec/rc/rc.d/mixer b/libexec/rc/rc.d/mixer index d8d43a2ffcc8..7527e16918d2 100755 --- a/libexec/rc/rc.d/mixer +++ b/libexec/rc/rc.d/mixer @@ -100,4 +100,8 @@ mixer_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +mixer_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/motd b/libexec/rc/rc.d/motd index b0f46df8ea7a..7858aef2c3fe 100755 --- a/libexec/rc/rc.d/motd +++ b/libexec/rc/rc.d/motd @@ -55,4 +55,8 @@ motd_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +motd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/mountcritlocal b/libexec/rc/rc.d/mountcritlocal index e9b8885279a2..f91eaf44457c 100755 --- a/libexec/rc/rc.d/mountcritlocal +++ b/libexec/rc/rc.d/mountcritlocal @@ -60,4 +60,8 @@ mountcritlocal_start() } load_rc_config $name + +# mounting shall not be performed in a svcj +mountcritlocal_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/mountcritremote b/libexec/rc/rc.d/mountcritremote index b2e0f9cfec49..99becaefb10f 100755 --- a/libexec/rc/rc.d/mountcritremote +++ b/libexec/rc/rc.d/mountcritremote @@ -86,4 +86,8 @@ mountcritremote_start() } load_rc_config $name + +# mounting shall not be performed in a svcj +mountcritremote_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/mountd b/libexec/rc/rc.d/mountd index 39b16d604321..8c0aa87e1d13 100755 --- a/libexec/rc/rc.d/mountd +++ b/libexec/rc/rc.d/mountd @@ -17,6 +17,8 @@ required_files="/etc/exports" start_precmd="mountd_precmd" extra_commands="reload" +: ${mountd_svcj_options:="net_basic nfsd"} + mountd_precmd() { @@ -68,4 +70,8 @@ mountd_precmd() } load_rc_config $name + +# precmd is not compatible with svcj +mountd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/mountlate b/libexec/rc/rc.d/mountlate index 133192ac183c..87ea9edccb74 100755 --- a/libexec/rc/rc.d/mountlate +++ b/libexec/rc/rc.d/mountlate @@ -44,4 +44,8 @@ mountlate_start() } load_rc_config $name + +# mounting shall not be performed in a svcj +mountlate_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/moused b/libexec/rc/rc.d/moused index 85a04c89447a..6f1b95af0f0a 100755 --- a/libexec/rc/rc.d/moused +++ b/libexec/rc/rc.d/moused @@ -18,6 +18,11 @@ pidfile="${pidprefix}.pid" pidarg= load_rc_config $name +# doesn't make sense to run in a svcj: nojail keyword +# XXX: How does moused communiacte with the kernel? +# XXX: Does the kernel prevent this communcation in jails? +moused_svcj="NO" + # Set the pid file and variable name. The second argument, if it exists, is # expected to be the mouse device. # diff --git a/libexec/rc/rc.d/msgs b/libexec/rc/rc.d/msgs index 4ea396c99f66..424d545f884d 100755 --- a/libexec/rc/rc.d/msgs +++ b/libexec/rc/rc.d/msgs @@ -22,4 +22,8 @@ msgs_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +msgs_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/natd b/libexec/rc/rc.d/natd index d95d586ac69f..1c8c1cb50a96 100755 --- a/libexec/rc/rc.d/natd +++ b/libexec/rc/rc.d/natd @@ -40,4 +40,8 @@ natd_precmd() } load_rc_config $name + +# precmd is not compatible with svcj +natd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/netif b/libexec/rc/rc.d/netif index 3da296e97384..4fe9b60cbb20 100755 --- a/libexec/rc/rc.d/netif +++ b/libexec/rc/rc.d/netif @@ -268,4 +268,8 @@ netif_common() # This is needed for mfsBSD at least. load_rc_config network load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +netif_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/netoptions b/libexec/rc/rc.d/netoptions index 7f57c02f0fb4..0f329a5385cf 100755 --- a/libexec/rc/rc.d/netoptions +++ b/libexec/rc/rc.d/netoptions @@ -122,4 +122,8 @@ netoptions_inet6() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +netoptions_svcj="NO" + run_rc_command $1 diff --git a/libexec/rc/rc.d/netwait b/libexec/rc/rc.d/netwait index 8342a100bd87..3f374806d97c 100755 --- a/libexec/rc/rc.d/netwait +++ b/libexec/rc/rc.d/netwait @@ -111,4 +111,8 @@ netwait_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +netwait_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/newsyslog b/libexec/rc/rc.d/newsyslog index 9434bb8e12ec..9b959bfabe85 100755 --- a/libexec/rc/rc.d/newsyslog +++ b/libexec/rc/rc.d/newsyslog @@ -23,4 +23,8 @@ newsyslog_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: needs to send signals outside the svcj +newsyslog_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/nfscbd b/libexec/rc/rc.d/nfscbd index 317a41ef8d3b..450de46e0855 100755 --- a/libexec/rc/rc.d/nfscbd +++ b/libexec/rc/rc.d/nfscbd @@ -14,6 +14,8 @@ rcvar="nfscbd_enable" command="/usr/sbin/${name}" sig_stop="USR1" +: ${nfscbd_svcj_options:="net_basic"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/nfsclient b/libexec/rc/rc.d/nfsclient index f475e867b6c9..857cfa02036f 100755 --- a/libexec/rc/rc.d/nfsclient +++ b/libexec/rc/rc.d/nfsclient @@ -46,4 +46,8 @@ unmount_all() fi } load_rc_config $name + +# no unmounting in svcj +nfsclient_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/nfsd b/libexec/rc/rc.d/nfsd index 86409f0e655f..364c2a3b6bd3 100755 --- a/libexec/rc/rc.d/nfsd +++ b/libexec/rc/rc.d/nfsd @@ -14,7 +14,11 @@ rcvar="nfs_server_enable" command="/usr/sbin/${name}" nfs_server_vhost="" +: ${nfsd_svcj_options:="net_basic nfsd"} + load_rc_config $name +# precmd is not compatible with svcj +nfsd_svcj="NO" start_precmd="nfsd_precmd" sig_stop="USR1" diff --git a/libexec/rc/rc.d/nfsuserd b/libexec/rc/rc.d/nfsuserd index 297b88dccfcd..3ef88dcc6dfc 100755 --- a/libexec/rc/rc.d/nfsuserd +++ b/libexec/rc/rc.d/nfsuserd @@ -14,7 +14,11 @@ rcvar="nfsuserd_enable" command="/usr/sbin/${name}" sig_stop="USR1" +: ${nfsuserd_svcj_options:="net_basic nfsd"} + load_rc_config $name +# precmd is not compatible with svcj +nfsuserd_svcj="NO" start_precmd="nfsuserd_precmd" nfsuserd_precmd() diff --git a/libexec/rc/rc.d/nisdomain b/libexec/rc/rc.d/nisdomain index 56fe1a6c5c0b..9616d7be39ac 100755 --- a/libexec/rc/rc.d/nisdomain +++ b/libexec/rc/rc.d/nisdomain @@ -51,4 +51,8 @@ nisdomain_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +nisdomain_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/nscd b/libexec/rc/rc.d/nscd index 64421c29358c..611d2d8ddb8f 100755 --- a/libexec/rc/rc.d/nscd +++ b/libexec/rc/rc.d/nscd @@ -21,6 +21,9 @@ name="nscd" desc="Name-service caching daemon" rcvar="nscd_enable" +# no svcj options needed +: ${nscd_svcj_options:=""} + command=/usr/sbin/nscd extra_commands="flush" flush_cmd="${command} -I all" diff --git a/libexec/rc/rc.d/ntpd b/libexec/rc/rc.d/ntpd index 76d83149ae1a..e7e42da8acc7 100755 --- a/libexec/rc/rc.d/ntpd +++ b/libexec/rc/rc.d/ntpd @@ -28,6 +28,9 @@ pidfile="${_ntp_default_dir}/${name}.pid" load_rc_config $name +# doesn't make sense to run in a svcj: nojail keyword +ntpd_svcj="NO" + leapfile_is_disabled() { # Return true (0) if automatic leapfile handling is disabled. case "$ntp_db_leapfile" in diff --git a/libexec/rc/rc.d/ntpdate b/libexec/rc/rc.d/ntpdate index 428072a05f49..cb948d739227 100755 --- a/libexec/rc/rc.d/ntpdate +++ b/libexec/rc/rc.d/ntpdate @@ -31,4 +31,8 @@ ntpdate_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: privileged operations +ntpdate_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/opensm b/libexec/rc/rc.d/opensm index ff208ddc3ae4..650345d81c12 100755 --- a/libexec/rc/rc.d/opensm +++ b/libexec/rc/rc.d/opensm @@ -12,6 +12,8 @@ name="opensm" start_cmd="opensm_start" rcvar="opensm_enable" +: ${opensm_svcj_options:="net_basic"} + command=/usr/bin/opensm command_args="-B" diff --git a/libexec/rc/rc.d/os-release b/libexec/rc/rc.d/os-release index 3373d42b1533..0f8ee71e06b4 100755 --- a/libexec/rc/rc.d/os-release +++ b/libexec/rc/rc.d/os-release @@ -41,4 +41,8 @@ __EOF__ } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +osrelease_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/pf b/libexec/rc/rc.d/pf index f227782e640c..0b4c086db22b 100755 --- a/libexec/rc/rc.d/pf +++ b/libexec/rc/rc.d/pf @@ -22,6 +22,9 @@ extra_commands="check reload resync" required_files="$pf_rules" required_modules="pf" +# doesn't make sense to run in a svcj: config setting +pf_svcj="NO" + pf_fallback() { warn "Unable to load $pf_rules." diff --git a/libexec/rc/rc.d/pflog b/libexec/rc/rc.d/pflog index c6bb024ee0be..b47252a23e0f 100755 --- a/libexec/rc/rc.d/pflog +++ b/libexec/rc/rc.d/pflog @@ -17,6 +17,9 @@ start_precmd="pflog_prestart" stop_postcmd="pflog_poststop" extra_commands="reload resync" +# no svcj options needed +: ${pflog_svcj_options:=""} + # for backward compatibility resync_cmd="pflog_resync" @@ -70,6 +73,9 @@ pflog_resync() load_rc_config $name +# precmd is not compatible with svcj +pflog_svcj="NO" + # Check if spawning multiple pflogd and told what to spawn if [ -n "$2" ]; then # Set required variables diff --git a/libexec/rc/rc.d/pfsync b/libexec/rc/rc.d/pfsync index 1e75644315b1..e2ba9c17cd45 100755 --- a/libexec/rc/rc.d/pfsync +++ b/libexec/rc/rc.d/pfsync @@ -45,4 +45,8 @@ pfsync_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +pfsync_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/power_profile b/libexec/rc/rc.d/power_profile index 71f3f3ad8792..7e187bf0a67c 100755 --- a/libexec/rc/rc.d/power_profile +++ b/libexec/rc/rc.d/power_profile @@ -62,6 +62,9 @@ if [ $# -ne 1 ]; then fi load_rc_config $name +# doesn't make sense to run in a svcj: privileged operations +power_profile_svcj="NO" + # Find the next state (performance or economy). state=$1 case ${state} in diff --git a/libexec/rc/rc.d/powerd b/libexec/rc/rc.d/powerd index d0f10f781231..8ebc9cc2dc7f 100755 --- a/libexec/rc/rc.d/powerd +++ b/libexec/rc/rc.d/powerd @@ -15,4 +15,8 @@ rcvar="powerd_enable" command="/usr/sbin/${name}" load_rc_config $name + +# doesn't make sense to run in a svcj: privileged operations +powerd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ppp b/libexec/rc/rc.d/ppp index cc7c8599777c..6f41d67f8940 100755 --- a/libexec/rc/rc.d/ppp +++ b/libexec/rc/rc.d/ppp @@ -131,4 +131,8 @@ ppp_stop() { } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +ppp_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/pppoed b/libexec/rc/rc.d/pppoed index 6e7225b83a52..5c64862c6a49 100755 --- a/libexec/rc/rc.d/pppoed +++ b/libexec/rc/rc.d/pppoed @@ -30,4 +30,8 @@ pppoed_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +pppoed_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/pwcheck b/libexec/rc/rc.d/pwcheck index 564c110d6a98..db42fdd0d37e 100755 --- a/libexec/rc/rc.d/pwcheck +++ b/libexec/rc/rc.d/pwcheck @@ -24,4 +24,8 @@ pwcheck_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +pwcheck_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/quota b/libexec/rc/rc.d/quota index adbc3b3bd372..9a3a3d50739c 100755 --- a/libexec/rc/rc.d/quota +++ b/libexec/rc/rc.d/quota @@ -18,6 +18,9 @@ load_rc_config $name start_cmd="quota_start" stop_cmd="/usr/sbin/quotaoff ${quotaoff_flags}" +# doesn't make sense to run in a svcj: config setting +quota_svcj="NO" + quota_start() { if checkyesno check_quotas; then diff --git a/libexec/rc/rc.d/random b/libexec/rc/rc.d/random index 1900f6cef5a4..c34f0d1f86b4 100755 --- a/libexec/rc/rc.d/random +++ b/libexec/rc/rc.d/random @@ -151,4 +151,8 @@ random_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +random_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/rarpd b/libexec/rc/rc.d/rarpd index f7f5f3b04094..2618565ae0d1 100755 --- a/libexec/rc/rc.d/rarpd +++ b/libexec/rc/rc.d/rarpd @@ -15,6 +15,8 @@ rcvar="rarpd_enable" command="/usr/sbin/${name}" required_files="/etc/ethers" +: ${rarpd_svcj_options:="net_basic"} + load_rc_config $name pidfile="${rarpd_pidfile:-/var/run/${name}.pid}" diff --git a/libexec/rc/rc.d/rctl b/libexec/rc/rc.d/rctl index 3d644cd1d8ec..96c148e78bcd 100755 --- a/libexec/rc/rc.d/rctl +++ b/libexec/rc/rc.d/rctl @@ -38,4 +38,8 @@ rctl_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +rctl_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/resolv b/libexec/rc/rc.d/resolv index c94e1c8ff1f1..a46c7ba314e9 100755 --- a/libexec/rc/rc.d/resolv +++ b/libexec/rc/rc.d/resolv @@ -59,4 +59,8 @@ resolv_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +resolv_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/rfcomm_pppd_server b/libexec/rc/rc.d/rfcomm_pppd_server index ef5afa7a5de2..810c1adc8e91 100755 --- a/libexec/rc/rc.d/rfcomm_pppd_server +++ b/libexec/rc/rc.d/rfcomm_pppd_server @@ -119,4 +119,8 @@ rfcomm_pppd_server_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +rfcomm_pppd_server_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/root b/libexec/rc/rc.d/root index e64ea7fe2dcd..e1dad6270e7d 100755 --- a/libexec/rc/rc.d/root +++ b/libexec/rc/rc.d/root @@ -39,4 +39,8 @@ root_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: mounting / config setting +root_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/route6d b/libexec/rc/rc.d/route6d index f27a0e7f8d6c..873efdeb123c 100755 --- a/libexec/rc/rc.d/route6d +++ b/libexec/rc/rc.d/route6d @@ -12,6 +12,8 @@ name="route6d" desc="RIP6 routing daemon" rcvar="route6d_enable" +: ${route6d_svcj_options:="net_basic"} + set_rcvar_obsolete ipv6_router_enable route6d_enable set_rcvar_obsolete ipv6_router route6d_program set_rcvar_obsolete ipv6_router_flags route6d_flags diff --git a/libexec/rc/rc.d/routed b/libexec/rc/rc.d/routed index d5fb464ece8c..9338cf034edd 100755 --- a/libexec/rc/rc.d/routed +++ b/libexec/rc/rc.d/routed @@ -13,6 +13,8 @@ name="routed" desc="Network RIP and router discovery routing daemon" rcvar="routed_enable" +: ${routed_svcj_options:="net_basic"} + set_rcvar_obsolete router_enable routed_enable set_rcvar_obsolete router routed_program set_rcvar_obsolete router_flags routed_flags diff --git a/libexec/rc/rc.d/routing b/libexec/rc/rc.d/routing index d7113eb90722..893acb83cf4a 100755 --- a/libexec/rc/rc.d/routing +++ b/libexec/rc/rc.d/routing @@ -435,4 +435,8 @@ options_inet6() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +routing_svcj="NO" + run_rc_command "$@" diff --git a/libexec/rc/rc.d/rpcbind b/libexec/rc/rc.d/rpcbind index 699fdd094241..c393df666219 100755 --- a/libexec/rc/rc.d/rpcbind +++ b/libexec/rc/rc.d/rpcbind @@ -13,6 +13,8 @@ desc="Universal addresses to RPC program number mapper" rcvar="rpcbind_enable" command="/usr/sbin/${name}" +: ${rpcbind_svcj_options:="net_basic"} + stop_postcmd='/bin/rm -f /var/run/rpcbind.*' load_rc_config $name diff --git a/libexec/rc/rc.d/rtadvd b/libexec/rc/rc.d/rtadvd index 1340c18e29e4..99fec22604aa 100755 --- a/libexec/rc/rc.d/rtadvd +++ b/libexec/rc/rc.d/rtadvd @@ -18,6 +18,8 @@ extra_commands="reload" reload_cmd="rtadvd_reload" start_precmd="rtadvd_precmd" +: ${rtadvd_svcj_options:="net_basic"} + rtadvd_precmd() { # This should be enabled with a great care. @@ -69,4 +71,7 @@ rtadvd_reload() { } load_rc_config $name + +# precmd is not compatible with svcj +rtadvd_svcj="NO" run_rc_command "$1" diff --git a/libexec/rc/rc.d/rtsold b/libexec/rc/rc.d/rtsold index fe21e5a235bb..5578af5a367f 100755 --- a/libexec/rc/rc.d/rtsold +++ b/libexec/rc/rc.d/rtsold @@ -16,6 +16,8 @@ command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" start_postcmd="rtsold_poststart" +: ${rtsold_svcj_options:="net_basic"} + rtsold_poststart() { # wait for DAD diff --git a/libexec/rc/rc.d/rwho b/libexec/rc/rc.d/rwho index ea6c6c8c3b20..f35bcda30ebf 100755 --- a/libexec/rc/rc.d/rwho +++ b/libexec/rc/rc.d/rwho @@ -14,5 +14,7 @@ desc="System status server" rcvar="rwhod_enable" command="/usr/sbin/${name}" +: ${rwhod_svcj_options:="net_basic"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/savecore b/libexec/rc/rc.d/savecore index 9f326eba21b3..889476591dac 100755 --- a/libexec/rc/rc.d/savecore +++ b/libexec/rc/rc.d/savecore @@ -78,4 +78,8 @@ savecore_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +savecore_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/sdpd b/libexec/rc/rc.d/sdpd index 1de7ed5d8fa9..a7bf51ecdc75 100755 --- a/libexec/rc/rc.d/sdpd +++ b/libexec/rc/rc.d/sdpd @@ -21,4 +21,7 @@ group="${sdpd_groupname:-nobody}" user="${sdpd_username:-nobody}" command_args="-c ${control} -g ${group} -u ${user}" +# doesn't make sense to run in a svcj: nojail keyword +sdpd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/securelevel b/libexec/rc/rc.d/securelevel index 427d424f5e3d..e5c5a410cf62 100755 --- a/libexec/rc/rc.d/securelevel +++ b/libexec/rc/rc.d/securelevel @@ -22,4 +22,8 @@ securelevel_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +securelevel_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/sendmail b/libexec/rc/rc.d/sendmail index 68803a957952..94100b6d00a9 100755 --- a/libexec/rc/rc.d/sendmail +++ b/libexec/rc/rc.d/sendmail @@ -19,6 +19,8 @@ rcvar="sendmail_enable" required_files="/etc/mail/${name}.cf" start_precmd="sendmail_precmd" +: ${sendmail_svcj_options:="net_basic"} + load_rc_config $name command=${sendmail_program:-/usr/sbin/${name}} pidfile=${sendmail_pidfile:-/var/run/${name}.pid} diff --git a/libexec/rc/rc.d/sshd b/libexec/rc/rc.d/sshd index 63113fd9ee74..000336a6dcc8 100755 --- a/libexec/rc/rc.d/sshd +++ b/libexec/rc/rc.d/sshd @@ -25,6 +25,12 @@ extra_commands="configtest keygen reload" : ${sshd_ecdsa_enable:="yes"} : ${sshd_ed25519_enable:="yes"} +# sshd in a jail would not see other jails. As such exclude it from +# svcj_all_enable="YES" by setting sshd_svcj to NO. This allows to +# enable it in rc.conf. +: ${sshd_svcj:="NO"} +: ${sshd_svcj_options:="net_basic"} + sshd_keygen_alg() { local alg=$1 diff --git a/libexec/rc/rc.d/statd b/libexec/rc/rc.d/statd index 03254932c37c..3f2678af2940 100755 --- a/libexec/rc/rc.d/statd +++ b/libexec/rc/rc.d/statd @@ -16,15 +16,18 @@ rcvar=rpc_statd_enable command="/usr/sbin/rpc.${name}" start_precmd='statd_precmd' +: ${statd_svcj_options:="net_basic"} + # Make sure that we are either an NFS client or server, and that we get # the correct flags from rc.conf(5). # statd_precmd() { force_depend rpcbind || return 1 - - rc_flags=${rpc_statd_flags} } load_rc_config $name + +rc_flags=${rpc_statd_flags} + run_rc_command $1 diff --git a/libexec/rc/rc.d/static_arp b/libexec/rc/rc.d/static_arp index b6ad064cc102..42db3c2c8fff 100755 --- a/libexec/rc/rc.d/static_arp +++ b/libexec/rc/rc.d/static_arp @@ -70,4 +70,8 @@ static_arp_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +statc_arp_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/static_ndp b/libexec/rc/rc.d/static_ndp index 8f0f3fc35957..e66c4a0080c3 100755 --- a/libexec/rc/rc.d/static_ndp +++ b/libexec/rc/rc.d/static_ndp @@ -69,4 +69,8 @@ static_ndp_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +static_ndp_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/stf b/libexec/rc/rc.d/stf index 48a27b542f05..94a585693982 100755 --- a/libexec/rc/rc.d/stf +++ b/libexec/rc/rc.d/stf @@ -75,4 +75,8 @@ stf_down() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +stf_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/swap b/libexec/rc/rc.d/swap index fb1e11281ea6..f7663fc422bf 100755 --- a/libexec/rc/rc.d/swap +++ b/libexec/rc/rc.d/swap @@ -14,4 +14,8 @@ start_cmd='/sbin/swapon -aq' stop_cmd=':' load_rc_config $name + +# doesn't make sense to run in a svcj: privileged operations +swap_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/swaplate b/libexec/rc/rc.d/swaplate index 28beb8e835c9..da86cb2bf686 100755 --- a/libexec/rc/rc.d/swaplate +++ b/libexec/rc/rc.d/swaplate @@ -14,4 +14,8 @@ start_cmd='/sbin/swapon -aLq' stop_cmd='/sbin/swapoff -aLq' load_rc_config swap + +# doesn't make sense to run in a svcj: privileged operations +swaplate_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/syscons b/libexec/rc/rc.d/syscons index beef467deaf8..325628a83d8c 100755 --- a/libexec/rc/rc.d/syscons +++ b/libexec/rc/rc.d/syscons @@ -396,5 +396,9 @@ syscons_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +syscons_svcj="NO" + run_rc_command $* diff --git a/libexec/rc/rc.d/sysctl b/libexec/rc/rc.d/sysctl index 5d586776929e..0ca753b530af 100755 --- a/libexec/rc/rc.d/sysctl +++ b/libexec/rc/rc.d/sysctl @@ -34,4 +34,8 @@ sysctl_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +sysctl_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/sysctl_lastload b/libexec/rc/rc.d/sysctl_lastload index 335bd9cdc1bc..6d97561ed2c0 100755 --- a/libexec/rc/rc.d/sysctl_lastload +++ b/libexec/rc/rc.d/sysctl_lastload @@ -14,4 +14,8 @@ start_cmd="/etc/rc.d/sysctl lastload" stop_cmd=":" load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +sysctl_lastload_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/syslogd b/libexec/rc/rc.d/syslogd index 3f67014d0b01..8d0ff952a6b2 100755 --- a/libexec/rc/rc.d/syslogd +++ b/libexec/rc/rc.d/syslogd @@ -22,6 +22,8 @@ extra_commands="reload" sockfile="/var/run/syslogd.sockets" evalargs="rc_flags=\"\`set_socketlist\` \$rc_flags\"" +: ${syslogd_svcj_options:="net_basic"} + syslogd_precmd() { local _l _ldir diff --git a/libexec/rc/rc.d/sysvipc b/libexec/rc/rc.d/sysvipc index a76e662576db..ce38db598641 100755 --- a/libexec/rc/rc.d/sysvipc +++ b/libexec/rc/rc.d/sysvipc @@ -22,4 +22,8 @@ sysvipc_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: privileged operations +sysvipc_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/tlsclntd b/libexec/rc/rc.d/tlsclntd index ff1336b2d08a..5688c7ff53a2 100755 --- a/libexec/rc/rc.d/tlsclntd +++ b/libexec/rc/rc.d/tlsclntd @@ -15,6 +15,8 @@ rcvar="tlsclntd_enable" command="/usr/sbin/rpc.${name}" pidfile="/var/run/rpc.${name}.pid" +: ${tlsclntd_svcj_options:="net_basic"} + load_rc_config $name run_rc_command "$1" diff --git a/libexec/rc/rc.d/tlsservd b/libexec/rc/rc.d/tlsservd index 98a713dd3ff5..989e17996043 100755 --- a/libexec/rc/rc.d/tlsservd +++ b/libexec/rc/rc.d/tlsservd @@ -14,6 +14,8 @@ desc="NFS over TLS server side daemon" rcvar="tlsservd_enable" command="/usr/sbin/rpc.${name}" +: ${tlsservd_svcj_options:="net_basic nfsd"} + pidfile="/var/run/rpc.${name}.pid" required_files="/etc/rpc.tlsservd/cert.pem /etc/rpc.tlsservd/certkey.pem" extra_commands="reload" diff --git a/libexec/rc/rc.d/tmp b/libexec/rc/rc.d/tmp index bde1ba257c2c..cc970816e45c 100755 --- a/libexec/rc/rc.d/tmp +++ b/libexec/rc/rc.d/tmp @@ -37,6 +37,9 @@ stop_cmd=':' load_rc_config $name +# doesn't make sense to run in a svcj: mounting +tmp_svcj="NO" + mount_tmpmfs() { while read line; do diff --git a/libexec/rc/rc.d/ubthidhci b/libexec/rc/rc.d/ubthidhci index a311ec07ebf6..9792a0e3530d 100755 --- a/libexec/rc/rc.d/ubthidhci +++ b/libexec/rc/rc.d/ubthidhci @@ -28,6 +28,10 @@ ubthidhci_prestart() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +ubthidhci_svcj="NO" + # # We discard the output because: # 1) we don't want it to show up during boot; and diff --git a/libexec/rc/rc.d/ugidfw b/libexec/rc/rc.d/ugidfw index 852c04bc216f..13b20c45ee29 100755 --- a/libexec/rc/rc.d/ugidfw +++ b/libexec/rc/rc.d/ugidfw @@ -48,4 +48,8 @@ ugidfw_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: nojail keyword +ugidfw_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/utx b/libexec/rc/rc.d/utx index 96bbae07d2cf..d7149f66e68b 100755 --- a/libexec/rc/rc.d/utx +++ b/libexec/rc/rc.d/utx @@ -16,4 +16,8 @@ start_cmd="utx boot" stop_cmd="utx shutdown" load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +utx_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/var b/libexec/rc/rc.d/var index ff5150a96904..b4939e2bc4a0 100755 --- a/libexec/rc/rc.d/var +++ b/libexec/rc/rc.d/var @@ -39,6 +39,9 @@ stop_cmd=':' load_rc_config $name +# doesn't make sense to run in a svcj: mounting +var_svcj="NO" + populate_var() { /usr/sbin/mtree -deiU -f /etc/mtree/BSD.var.dist -p /var > /dev/null diff --git a/libexec/rc/rc.d/var_run b/libexec/rc/rc.d/var_run index bf8f0cb737b4..0dc37698ee76 100755 --- a/libexec/rc/rc.d/var_run +++ b/libexec/rc/rc.d/var_run @@ -17,6 +17,9 @@ stop_cmd="_var_run_stop" load_rc_config $name +# doesn't make sense to run in a svcj: config setting +var_run_svcj="NO" + _var_run_load() { test -f ${var_run_mtree} && mtree -U -i -q -f ${var_run_mtree} -p /var/run > /dev/null diff --git a/libexec/rc/rc.d/virecover b/libexec/rc/rc.d/virecover index ed65fc00474a..d6f9f8bdef9a 100755 --- a/libexec/rc/rc.d/virecover +++ b/libexec/rc/rc.d/virecover @@ -62,4 +62,8 @@ virecover_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +virecover_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/watchdogd b/libexec/rc/rc.d/watchdogd index 7565d8bcd94d..6cd37b8c5ceb 100755 --- a/libexec/rc/rc.d/watchdogd +++ b/libexec/rc/rc.d/watchdogd @@ -88,4 +88,8 @@ watchdogd_poststop() } load_rc_config $name + +# doesn't make sense to run in a svcj: privileged operations +watchdogd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/wpa_supplicant b/libexec/rc/rc.d/wpa_supplicant index fea0f36997ef..61525a82894b 100755 --- a/libexec/rc/rc.d/wpa_supplicant +++ b/libexec/rc/rc.d/wpa_supplicant @@ -33,4 +33,7 @@ command_args="-B -i $ifn -c $conf_file -D $driver -P $pidfile" required_files=$conf_file required_modules="wlan_wep wlan_tkip wlan_ccmp" +# doesn't make sense to run in a svcj: nojail keyword +wpa_supplicant_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/ypbind b/libexec/rc/rc.d/ypbind index b4e47cb0a37d..a6bf00f1ed9d 100755 --- a/libexec/rc/rc.d/ypbind +++ b/libexec/rc/rc.d/ypbind @@ -13,6 +13,8 @@ name="ypbind" desc="NIS domain binding daemon" rcvar="nis_client_enable" +: ${ypbind_svcj_options:="net_basic"} + load_rc_config $name command="/usr/sbin/${name}" diff --git a/libexec/rc/rc.d/ypldap b/libexec/rc/rc.d/ypldap index 051d0ce9977e..579b004a07c0 100755 --- a/libexec/rc/rc.d/ypldap +++ b/libexec/rc/rc.d/ypldap @@ -12,6 +12,8 @@ name="ypldap" rcvar="nis_ypldap_enable" +: ${ypldap_svcj_options:="net_basic"} + load_rc_config $name command="/usr/sbin/${name}" diff --git a/libexec/rc/rc.d/yppasswdd b/libexec/rc/rc.d/yppasswdd index 83a7bcc713dd..81a04d753305 100755 --- a/libexec/rc/rc.d/yppasswdd +++ b/libexec/rc/rc.d/yppasswdd @@ -13,6 +13,8 @@ name="yppasswdd" desc="Server for updating NIS passwords" rcvar="nis_yppasswdd_enable" +: ${yppasswdd_svcj_options:="net_basic"} + load_rc_config $name command="/usr/sbin/rpc.${name}" diff --git a/libexec/rc/rc.d/ypserv b/libexec/rc/rc.d/ypserv index 9b60e9a55b25..8cae179fdd11 100755 --- a/libexec/rc/rc.d/ypserv +++ b/libexec/rc/rc.d/ypserv @@ -12,6 +12,8 @@ name="ypserv" desc="NIS database server" rcvar="nis_server_enable" +: ${ypserv_svcj_options:="net_basic"} + load_rc_config $name command="/usr/sbin/${name}" diff --git a/libexec/rc/rc.d/ypset b/libexec/rc/rc.d/ypset index 2f259de05e59..123a94ea44e8 100755 --- a/libexec/rc/rc.d/ypset +++ b/libexec/rc/rc.d/ypset @@ -14,6 +14,9 @@ rcvar="nis_ypset_enable" load_rc_config $name +# doesn't make sense to run in a svcj: config setting +ypset_svcj="NO" + command="/usr/sbin/${name}" command_args="${nis_ypset_flags}" diff --git a/libexec/rc/rc.d/ypupdated b/libexec/rc/rc.d/ypupdated index f7a7769c766a..1a4c595c745a 100755 --- a/libexec/rc/rc.d/ypupdated +++ b/libexec/rc/rc.d/ypupdated @@ -11,6 +11,8 @@ name="ypupdated" rcvar="rpc_ypupdated_enable" +: ${ypupdated_svcj_options:="net_basic"} + load_rc_config $name command="/usr/sbin/rpc.${name}" diff --git a/libexec/rc/rc.d/ypxfrd b/libexec/rc/rc.d/ypxfrd index 3bc7fd8d29e6..ea929b0d25ce 100755 --- a/libexec/rc/rc.d/ypxfrd +++ b/libexec/rc/rc.d/ypxfrd @@ -12,6 +12,8 @@ name="ypxfrd" desc="NIS map transfer server" rcvar="nis_ypxfrd_enable" +: ${ypxfrd_svcj_options:="net_basic"} + load_rc_config $name command="/usr/sbin/rpc.${name}" diff --git a/libexec/rc/rc.d/zfs b/libexec/rc/rc.d/zfs index d7c5b20ee6d1..26bf3046444b 100755 --- a/libexec/rc/rc.d/zfs +++ b/libexec/rc/rc.d/zfs @@ -75,4 +75,8 @@ zfs_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: mounting / config setting +zfs_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zfsbe b/libexec/rc/rc.d/zfsbe index 31b0a180800f..f61f3bf097f0 100755 --- a/libexec/rc/rc.d/zfsbe +++ b/libexec/rc/rc.d/zfsbe @@ -85,4 +85,8 @@ be_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: mounting / config setting +zfsbe_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zfsd b/libexec/rc/rc.d/zfsd index 5b9c2ea31837..f0abeeeb446b 100755 --- a/libexec/rc/rc.d/zfsd +++ b/libexec/rc/rc.d/zfsd @@ -13,4 +13,8 @@ rcvar="zfsd_enable" command="/usr/sbin/${name}" load_rc_config $name + +# doesn't make sense to run in a svcj +zfsd_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zfskeys b/libexec/rc/rc.d/zfskeys index c558eb3af5d7..ea38182a66c7 100755 --- a/libexec/rc/rc.d/zfskeys +++ b/libexec/rc/rc.d/zfskeys @@ -116,4 +116,8 @@ unload_zfs_keys() zfskeys_args=$(encode_args "$@") load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +zfskeys_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zpool b/libexec/rc/rc.d/zpool index 5a5ef00755cc..94e107bd9ae0 100755 --- a/libexec/rc/rc.d/zpool +++ b/libexec/rc/rc.d/zpool @@ -34,4 +34,8 @@ zpool_start() } load_rc_config $name + +# doesn't make sense to run in a svcj +zpool_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zpoolreguid b/libexec/rc/rc.d/zpoolreguid index 77ecac13ad5a..f94630d9283f 100755 --- a/libexec/rc/rc.d/zpoolreguid +++ b/libexec/rc/rc.d/zpoolreguid @@ -22,4 +22,8 @@ zpoolreguid_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +zpoolreguid_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zpoolupgrade b/libexec/rc/rc.d/zpoolupgrade index 6f5720bac6a7..1435cba7199c 100755 --- a/libexec/rc/rc.d/zpoolupgrade +++ b/libexec/rc/rc.d/zpoolupgrade @@ -22,4 +22,8 @@ zpoolupgrade_start() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +zpoolupgrade_svcj="NO" + run_rc_command "$1" diff --git a/libexec/rc/rc.d/zvol b/libexec/rc/rc.d/zvol index 351dce09ca27..b9f17fad5bfd 100755 --- a/libexec/rc/rc.d/zvol +++ b/libexec/rc/rc.d/zvol @@ -42,4 +42,8 @@ zvol_stop() } load_rc_config $name + +# doesn't make sense to run in a svcj: config setting +zvol_svcj="NO" + run_rc_command "$1"